Panthers recognises the importance of your privacy and your right to control your Personal Information and is committed to complying with applicable privacy laws (including the Privacy Act and GDPR). We will only request Personal Information that is reasonably necessary for us to perform our functions and activities as a Rugby League club. Please be aware, you are under no obligation to provide us with your Personal Information, but if you choose not to provide your Personal Information, you may not be able to take advantage of one or more of the features we offer. On request and wherever it is lawful and practicable, we will offer you the opportunity of not identifying yourself, or of using a pseudonym, when entering transactions, or otherwise dealing with, Panthers.
2. How we share information as part of the Rugby League Exchange
Panthers is always seeking to better understand our player and fan preferences including by analysing your Personal Information to understand trends and interests. Panthers has, in conjunction with the National Rugby League, other clubs, Queensland Rugby League, New South Wales Rugby League, Country League of NSW and selected third parties, established a data storage architecture and data sharing platform for processing Personal Information with this aim (Rugby League Exchange).
3. What types of personal information may we collect?
The types of Personal Information Panthers may collect depends on the purposes for which such information is collected but may include (without limitation):
a. your name, gender, date or birth, occupation, residential address, email address, telephone number and other contact details;
b. memberships, subscriptions and attendance history at Panthers matches (whether you have used your membership to purchase tickets, or as a casual ticket purchaser);
c. purchasing preferences and financial details which we collect when you buy tickets, purchase merchandise and/or as part of competitions and promotions.
Panthers will generally not collect Sensitive Information from you. However, where Panthers seeks to collect Sensitive Information from you, it will do so in accordance with applicable privacy laws (including the Privacy Act and GDPR), for instance by obtaining your express consent for such a collection.
4. How do we collect your personal information?
Where it is reasonable and practicable to do so, Panthers will collect Personal Information directly from you (without limitation):
a. when you order merchandise through our online store located at http://store.penrithpanthers.com.au/;
b. when you become a member or purchase tickets to home games at Panthers Stadium, via http://ticketek.com.au
c. when you enter a promotion or competition via the Panthers social media platforms or official website, http://penrithpanthers.com.au
In addition to collecting Personal Information directly from you, we may also collect Personal Information from:
a. the NRL, QRL, NSWRL and selected third parties (for instance, Ticketek and Ticketmaster);
b. when you join a junior rugby league club in the Panthers district.
5. Why do we collect, use hold and disclose your personal information?
We collects, uses, discloses or holds Personal Information that is reasonably necessary for Penrith Panthers to perform one or more functions or activities as a club including (without limitation):
a. organisation, conduct and promotion of matches involving Penrith Panthers (for instance, providing you information about upcoming ticket offers and deals for the next home matches);
b. promotion and sale of Panthers merchandise;
c. direct marketing of Panthers products or services; and
d. to conduct research for Panthers products, services or events.
We use, disclose or hold your Personal Information for the primary purpose for which it was collected, a related secondary purpose, or as otherwise required in accordance with applicable privacy laws (including the Privacy Act and GDPR) (for instance, we may be required to disclose your Personal Information to a law enforcement agency).
6. Who do we disclose your personal information to?
Panthers may provide your Personal Information to third parties as part of our functions and activities including (without limitation):
a. Delivery, courier and postal organisations: we may disclose your Personal Information to delivery, courier and postal organisations in order to deliver merchandise and membership components you order;
c. Law enforcement and emergency services agencies: we may disclose your Personal Information where required or authorised to do so by law, including in emergency situations and to assist law enforcement agencies with active investigations. We will always ensure that those to whom we disclose your Personal Information have the legal right to receive it.
d. Panthers discloses information to marketing organisations to administer promotions, etc. as Panthers engage email marketing providers, market research companies, promotions management and other data analytics companies to perform direct marketing on our behalf. You will always have the right to opt out of receiving promotional materials from us.
7. Transborder data flows
a. Subject to clauses 7(b) and 7(c), Panthers will not transfer your Personal Information to an overseas recipient unless it has first taken steps reasonable in the circumstances to ensure that the Personal Information that it transfers will not be held, used or disclosed by the recipient of the information inconsistently with, or otherwise in breach of, applicable privacy laws (including the Privacy Act and GDPR). For example, Panthers may adopt appropriate contractual clauses with overseas recipients that ensure their compliance with applicable privacy laws (including the Privacy Act and GDPR.
b. We may disclose your Personal Information to overseas recipients for things such as processing membership and hosting services, most likely in China, the United States and New Zealand, although countries where such recipients are located may vary.
c. Panthers may transfer Personal Information about you to someone who is in a foreign country if:
i. Panthers reasonably believes that the recipient is subject to a law or binding scheme that has the effect of protecting the information in a way that is, overall, substantially similar to applicable privacy laws (including the Privacy Act and GDPR) and there are mechanisms available to you to enforce that protection or scheme; and
ii. you expressly consent to the transfer after Panthers has informed you that the applicable privacy laws (including the Privacy Act and GDPR) will no longer apply if you provide your express consent.
8. How is your personal information secured?
We understand you have entrusted us with the protection of your Personal Information. As such, we take reasonable steps, with the assistance of the NRL, to protect your Personal Information from misuse, loss, unauthorised access, modification or disclosure. This includes engaging reputable third party service providers and ensuring that we engage (where possible and practical to do so) in best practice security systems and procedures.
9. Access to and correction of personal information
You can access or correct your Personal Information through:
a. your NRL Account profile; or
b. contacting our Privacy Officer at the 'Inquiries Procedure' set out below.
Please ensure that any written request for access or correction addressed to our Privacy Officer provides adequate detail that identifies what Personal Information you want access to or corrected. Where your request will incur costs, we may charge you a fee to cover those costs (for instance, reasonable staff costs in searching for, locating and retrieving the requested Personal Information). We will inform you of any such charges prior to your request being actioned.
In certain circumstances, we may refuse to provide you access to your Personal Information. Where we refuse you access, we will provide you with a written explanation as to the reasons for the rejection (for instance, we may refuse to disclose Personal Information to you where such access would have an unreasonable impact on the privacy of other individuals).
10. Notifiable data breaches scheme
In the event of any loss, or unauthorised access or disclosure of your Personal Information that is likely to result in serious harm to you, Panthers, with the assistance of the NRL, will investigate and notify you and where applicable the relevant supervisory authority (e.g. the Australian Information Commissioner) within 72 hours of becoming aware of the loss, or unauthorised access or disclosure, in accordance with applicable privacy laws (including the Privacy Act and GDPR).
11. Inquiries Procedure
- Panthers Privacy Officer
- Panthers Rugby League Academy
- 123 Mulgoa Rd,
- Penrith, NSW 2750
(02) 4720 9100
At all times, privacy inquiries and complaints will be treated seriously, dealt with promptly and confidentially.